NAME Cybersecurity and Network Monitoring Lab

MOST OUTSTANDING EQUIPMENT AND COMPONENTS

• Control Room

  Equipped space for the performing of training sessions and for the execution of efficiency and ability evaluation trials of the integrated tools, in addition to the monitoring and tracking of attacking mocks. The room has capacity for 10 people, 2 projectors, additional screens in all work places and access to laboratory tools.

• Flowgate probes

  These are high efficiency devices designed for improve significantly network’s security by supervising network’s traffic and exporting flux information which can be collected and analysed.
  - Supports Netflow v5, v9, IPFIX, sFlow and JFlow protocols.
  - 100% Package capture flux and/or sampled flux generation.
  - Personalised templates to export traffic information.
  - Package (DPI) detailed checking function.
  - SNMP y Syslog compatibility.

• Intrusion probes

  There are high efficiency IPS/IDS intrusion sounding lines designed for providing an easy, scalable and flexible way to protect the network:
  - 10G connectivity.
  - Acceleration through Hardware.
  - Bypass LAN or connection failure ability.
  - Frontal connectivity.
  - Superfluous feeding sources.

• Security Operations Center (SOC)

  SOC supported by RedBorder Platform:
  - Traffic analyser: Netflow v5, v9 IPFIX, sFlow collectors, DPI analysis, anomalies, Malware, DLP, vulnerabilities, geolocation. For wired and Wireless network.
  - Intrusion: SNORT IDS/IPS display, Centralised managing, Signing politics, anomalies, attacks. Geoblocking and Reputation. Personalised rules. Hierarchy politics. Multiple sources.
  - Correlation Engine: allows any analysis by combining any rule. Detects anomalies and performance.
  - Vault (SIEM): Treatment, normalization and Logs’ storage. Performance analysis. HW/SW actives integration.
  - Infrastructure monitor: hardware monitoring through SNMP, Redfish, bulk-stats.
  - Mobility: Integration using suppliers’ APIes. Interior location. Location analytics.